$ rpki-client -vvf repo-rpki.idnic.net/repo/4210ec0f-0420-402f-95fe-7b33e5112bc3/0/3136302e32302e3133382e302f32332d3234203d3e20313532373832.roa File: 3136302e32302e3133382e302f32332d3234203d3e20313532373832.roa (raw, json) Hash identifier: jnzw16bqb1Ot67y6WJYq1p4RFM0IEtmQV6RwIJ2Az3Y= Subject key identifier: 2F:F6:E1:17:7A:82:80:66:76:24:14:F0:45:DD:9C:C0:69:56:5D:6C Certificate issuer: /CN=5FE2D2A6AB51686BC91262CC80152C1950637AEA Certificate serial: 649FF886E1F5A113AE74B54A793A04C90D296942 Authority key identifier: 5F:E2:D2:A6:AB:51:68:6B:C9:12:62:CC:80:15:2C:19:50:63:7A:EA Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5FE2D2A6AB51686BC91262CC80152C1950637AEA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4210ec0f-0420-402f-95fe-7b33e5112bc3/0/3136302e32302e3133382e302f32332d3234203d3e20313532373832.roa Signing time: Sun 29 Jun 2025 18:00:01 +0000 ROA not before: Sun 29 Jun 2025 17:55:01 +0000 ROA not after: Sun 28 Jun 2026 18:00:01 +0000 asID: 152782 IP address blocks: 160.20.138.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4210ec0f-0420-402f-95fe-7b33e5112bc3/0/5FE2D2A6AB51686BC91262CC80152C1950637AEA.crl rsync://repo-rpki.idnic.net/repo/4210ec0f-0420-402f-95fe-7b33e5112bc3/0/5FE2D2A6AB51686BC91262CC80152C1950637AEA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5FE2D2A6AB51686BC91262CC80152C1950637AEA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 21:46:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:9f:f8:86:e1:f5:a1:13:ae:74:b5:4a:79:3a:04:c9:0d:29:69:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5FE2D2A6AB51686BC91262CC80152C1950637AEA Validity Not Before: Jun 29 17:55:01 2025 GMT Not After : Jun 28 18:00:01 2026 GMT Subject: CN=2FF6E1177A828066762414F045DD9CC069565D6C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:b2:b1:2c:ac:c2:9b:2d:28:37:25:74:24:6e: 22:fb:e9:22:83:22:64:80:1e:de:03:a6:bf:b5:23: 7b:bd:0e:eb:38:89:9d:8a:1e:d8:1d:42:fd:3f:df: 44:61:35:24:f8:72:b9:f3:3a:e1:9d:15:2c:83:e7: 7f:08:db:c9:13:ba:eb:38:58:1d:f6:21:59:a4:ce: 0a:d1:3f:5d:4a:06:60:0e:a9:56:b1:7a:2e:13:bc: 3e:6b:43:ec:38:f4:98:44:4d:9e:6f:b4:5e:56:a9: 77:ab:36:ef:6d:4a:be:43:f0:1c:53:61:05:71:e5: fe:9b:ed:2d:79:4b:84:9c:fe:da:46:d6:a3:2f:89: be:f6:a5:d7:d4:d9:05:5d:c0:29:1c:da:e5:63:2d: 93:5f:59:61:ab:94:76:c1:96:3f:cd:99:43:6b:6d: 2f:9b:6c:65:2d:a5:d2:b8:d0:b9:19:c5:7c:d1:06: a9:27:ef:7b:e1:6c:9e:18:82:43:61:a9:22:0b:77: 88:fd:c1:a3:2b:05:60:9d:e9:fc:6c:c9:1b:0b:a1: 27:0c:fd:9f:7e:97:2a:0b:6c:3d:d2:48:76:d0:7f: 5b:17:7c:3c:40:28:0e:21:f3:0e:02:c7:a9:cd:24: 89:29:c4:53:45:9f:b7:e4:7b:04:5e:1d:04:df:df: dd:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:F6:E1:17:7A:82:80:66:76:24:14:F0:45:DD:9C:C0:69:56:5D:6C X509v3 Authority Key Identifier: keyid:5F:E2:D2:A6:AB:51:68:6B:C9:12:62:CC:80:15:2C:19:50:63:7A:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4210ec0f-0420-402f-95fe-7b33e5112bc3/0/5FE2D2A6AB51686BC91262CC80152C1950637AEA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5FE2D2A6AB51686BC91262CC80152C1950637AEA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4210ec0f-0420-402f-95fe-7b33e5112bc3/0/3136302e32302e3133382e302f32332d3234203d3e20313532373832.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.138.0/23 Signature Algorithm: sha256WithRSAEncryption ad:67:d3:f9:4d:c6:d7:16:8e:59:19:6b:59:f5:33:27:95:eb: 13:94:d5:7c:9a:52:a6:2f:42:cb:a3:2c:8e:3e:a4:fc:e9:53: 51:5c:49:43:f5:c3:d2:f4:86:b7:9f:0f:46:cb:4a:ae:42:7b: ac:f7:38:e3:ca:ab:eb:8b:b8:4b:91:ae:37:cb:21:2c:96:bc: 2a:22:65:04:45:a5:c9:a1:ba:1d:2c:2f:f9:78:78:ae:1b:74: f3:65:fa:25:c3:b3:79:16:af:e6:41:b0:c3:96:d7:22:22:74: 97:df:57:cc:b3:4a:93:91:5b:99:e6:28:d7:1d:b4:8f:46:c9: d0:bd:62:3a:e5:16:68:91:70:ad:85:be:b8:e3:18:3f:1d:f5: 4a:54:c0:7e:5e:62:3f:8d:4e:09:b7:a8:bf:4a:e8:56:14:59: c9:fb:7d:ea:a0:aa:f5:be:8d:49:2d:9b:2f:07:02:57:68:e9: cb:d4:b4:7c:e3:cd:99:fc:62:73:f8:37:49:ca:12:4c:08:e3: d2:72:6f:10:1a:9e:f0:e7:a4:41:d1:04:9b:47:38:6c:38:f5: 4e:98:a6:29:0d:60:28:de:e2:3a:34:40:80:12:7b:d4:fc:39: 4f:db:23:44:8e:29:4f:c6:6f:9a:77:08:bf:51:f5:c7:b9:f3: 78:0d:3d:2e -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUZJ/4huH1oROudLVKeToEyQ0paUIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUZFMkQyQTZBQjUxNjg2QkM5MTI2MkNDODAxNTJDMTk1 MDYzN0FFQTAeFw0yNTA2MjkxNzU1MDFaFw0yNjA2MjgxODAwMDFaMDMxMTAvBgNV BAMTKDJGRjZFMTE3N0E4MjgwNjY3NjI0MTRGMDQ1REQ5Q0MwNjk1NjVENkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXsrEsrMKbLSg3JXQkbiL76SKD ImSAHt4Dpr+1I3u9Dus4iZ2KHtgdQv0/30RhNST4crnzOuGdFSyD538I28kTuus4 WB32IVmkzgrRP11KBmAOqVaxei4TvD5rQ+w49JhETZ5vtF5WqXerNu9tSr5D8BxT YQVx5f6b7S15S4Sc/tpG1qMvib72pdfU2QVdwCkc2uVjLZNfWWGrlHbBlj/NmUNr bS+bbGUtpdK40LkZxXzRBqkn73vhbJ4YgkNhqSILd4j9waMrBWCd6fxsyRsLoScM /Z9+lyoLbD3SSHbQf1sXfDxAKA4h8w4Cx6nNJIkpxFNFn7fkewReHQTf393hAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUL/bhF3qCgGZ2JBTwRd2cwGlWXWwwHwYDVR0j BBgwFoAUX+LSpqtRaGvJEmLMgBUsGVBjeuowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 MjEwZWMwZi0wNDIwLTQwMmYtOTVmZS03YjMzZTUxMTJiYzMvMC81RkUyRDJBNkFC NTE2ODZCQzkxMjYyQ0M4MDE1MkMxOTUwNjM3QUVBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNUZFMkQyQTZBQjUxNjg2QkM5MTI2MkNDODAxNTJDMTk1MDYz N0FFQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQyMTBlYzBmLTA0MjAtNDAyZi05 NWZlLTdiMzNlNTExMmJjMy8wLzMxMzYzMDJlMzIzMDJlMzEzMzM4MmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzEzNTMyMzczODMyLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBoBSKMA0GCSqG SIb3DQEBCwUAA4IBAQCtZ9P5TcbXFo5ZGWtZ9TMnlesTlNV8mlKmL0LLoyyOPqT8 6VNRXElD9cPS9Ia3nw9Gy0quQnus9zjjyqvri7hLka43yyEslrwqImUERaXJobod LC/5eHiuG3TzZfolw7N5Fq/mQbDDltciInSX31fMs0qTkVuZ5ijXHbSPRsnQvWI6 5RZokXCthb644xg/HfVKVMB+XmI/jU4Jt6i/SuhWFFnJ+33qoKr1vo1JLZsvBwJX aOnL1LR8482Z/GJz+DdJyhJMCOPScm8QGp7w56RB0QSbRzhsOPVOmKYpDWAo3uI6 NECAEnvU/DlP2yNEjilPxm+adwi/UfXHufN4DT0u -----END CERTIFICATE-----Generated at Mon Jun 30 16:38:39 2025 by rpki-client